SecMD: Make Machine Learning More Secure Against Adversarial Malware Attacks

  • Conference paper
AI 2017: Advances in Artificial Intelligence (AI 2017)

Part of the book series: Lecture Notes in Computer Science (LNAI, volume 10400)

Abstract

As machine learning based systems have been successfully deployed for malware detection, the incentive for defeating them increases. In this paper, we explore the security of machine learning in malware detection on the basis of a learning-based classifier. In particular, (1) considering different capabilities of the attackers (i.e., how much knowledge they have regarding the feature representation, the training set, and the learning algorithm), we present a set of corresponding adversarial attacks and implement a general attack model, AdvAttack, to thoroughly assess adversarial behaviors; (2) to effectively counter these evasion attacks, we propose a resilient yet elegant secure-learning paradigm, SecMD, to improve system security against a wide class of adversarial attacks. Promising experimental results based on real sample collections from the Comodo Cloud Security Center demonstrate the effectiveness of our proposed methods.
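The threat model sketched in the abstract, as an added illustration that is not the paper's AdvAttack or SecMD code: a linear malware classifier over binary API-import features is attacked first by a perfect-knowledge adversary (who sees the trained weights) and then by a limited-knowledge adversary (who knows the feature space but not the training set or the weights, so trains a surrogate on its own data and hopes the evasion transfers), after which the detector is hardened by adversarial retraining, a generic defence that stands in here for the paper's own secure-learning method. Everything below is assumed: the detector is an L2-regularised logistic regression, the feature names, every sample vector and the attacker's surrogate data are constructed for the example, and the attacker is taken to be able only to add features (feature-addition evasion), since dropping an API call the binary needs would break it.

```python
"""Evasion attacks on a linear malware classifier under two attacker
knowledge levels, plus adversarial retraining as one generic defence.
Added illustration, not the paper's AdvAttack or SecMD code. Assumed:
an L2-regularised logistic-regression detector over binary API-import
features; constructed feature names, samples and surrogate data; and an
attacker that can only ADD features (feature-addition evasion)."""
import math

# Constructed feature vocabulary: x[j] = 1 if the sample imports FEATURES[j].
FEATURES = ["CreateRemoteThread", "WriteProcessMemory", "VirtualAllocEx",
            "RegSetValueExW", "InternetOpenUrlW", "CryptEncrypt",
            "GetTickCount", "MessageBoxW", "GetSystemMetrics"]

# Constructed defender training set (label 1 = malware, 0 = benign).
MALWARE = [[1, 1, 1, 0, 1, 0, 0, 0, 0], [1, 1, 0, 1, 0, 0, 0, 0, 0],
           [0, 1, 1, 0, 1, 1, 0, 0, 0], [1, 0, 0, 1, 1, 0, 0, 0, 0],
           [0, 0, 1, 1, 0, 1, 0, 0, 0], [0, 1, 0, 0, 1, 0, 1, 0, 0]]
BENIGN = [[0, 0, 0, 0, 0, 0, 1, 1, 1], [0, 0, 0, 1, 0, 0, 1, 1, 0],
          [0, 0, 0, 0, 1, 0, 0, 1, 1], [0, 0, 0, 0, 0, 1, 1, 0, 1],
          [0, 0, 0, 1, 0, 0, 0, 1, 1], [0, 0, 0, 0, 1, 0, 1, 1, 1]]
TRAIN_X, TRAIN_Y = MALWARE + BENIGN, [1] * 6 + [0] * 6

# Constructed surrogate data of a limited-knowledge attacker: same feature
# space, but collected independently of the defender's training set.
ATTACKER_X = [[1, 1, 0, 0, 1, 0, 0, 0, 0], [0, 1, 1, 1, 0, 0, 0, 0, 0],
              [1, 0, 1, 0, 0, 1, 0, 0, 0], [0, 0, 0, 0, 1, 0, 1, 1, 0],
              [0, 0, 0, 1, 0, 0, 0, 1, 1], [0, 0, 0, 0, 0, 1, 1, 0, 1]]
ATTACKER_Y = [1, 1, 1, 0, 0, 0]


def sigmoid(z):  # numerically stable in both tails
    return 1 / (1 + math.exp(-z)) if z >= 0 else math.exp(z) / (1 + math.exp(z))


def score(w, b, x):
    """Linear decision function; >= 0 is classified as malware."""
    return sum(wj * xj for wj, xj in zip(w, x)) + b


def train(X, y, epochs=2000, lr=0.3, l2=1e-3):
    """L2-regularised logistic regression by full-batch gradient descent."""
    n, m = len(X[0]), len(X)
    w, b = [0.0] * n, 0.0
    for _ in range(epochs):
        gw, gb = [0.0] * n, 0.0
        for x, t in zip(X, y):
            err = sigmoid(score(w, b, x)) - t
            gw = [g + err * xj for g, xj in zip(gw, x)]
            gb += err
        w = [wj - lr * (g / m + l2 * wj) for wj, g in zip(w, gw)]
        b -= lr * gb / m
    return w, b


def accuracy(w, b, X, y):
    return sum((score(w, b, x) >= 0) == bool(t) for x, t in zip(X, y)) / len(X)


def evade(x, w, b, budget):
    """Feature-addition evasion against the model (w, b) the attacker believes
    is deployed: greedily switch on the unset features with the most negative
    weight until the score drops below 0 or the budget is spent.
    Returns (adversarial_vector, evaded_that_model)."""
    adv = list(x)
    ranked = sorted((j for j in range(len(x)) if x[j] == 0 and w[j] < 0),
                    key=lambda j: w[j])
    for j in ranked[:budget]:
        if score(w, b, adv) < 0:
            break
        adv[j] = 1
    return adv, score(w, b, adv) < 0


def evasion_rate(attack_model, target_model, malware, budget):
    """Fraction of malware the TARGET model calls benign after the attacker
    optimises against attack_model: the target itself for perfect knowledge,
    a surrogate trained on the attacker's own data for limited knowledge."""
    hits = 0
    for x in malware:
        adv, _ = evade(x, *attack_model, budget)
        hits += score(*target_model, adv) < 0
    return hits / len(malware)


def adversarial_retrain(X, y, malware, budget, max_rounds=20):
    """Defence: simulate the perfect-knowledge attacker against the current
    model, add its evasive variants to the training set labelled malware,
    refit, and repeat until the attack stops succeeding (or max_rounds)."""
    X, y = list(X), list(y)
    model = train(X, y)
    for _ in range(max_rounds):
        variants = [adv for x in malware
                    for adv, ok in [evade(x, *model, budget)] if ok]
        if not variants:
            break
        X, y = X + variants, y + [1] * len(variants)
        model = train(X, y)
    return model, X, y


if __name__ == "__main__":
    target, surrogate = train(TRAIN_X, TRAIN_Y), train(ATTACKER_X, ATTACKER_Y)
    for k in (1, 2, 3):
        print(f"budget {k}: perfect {evasion_rate(target, target, MALWARE, k):.2f},",
              f"limited {evasion_rate(surrogate, target, MALWARE, k):.2f}")
    hardened, X2, _ = adversarial_retrain(TRAIN_X, TRAIN_Y, MALWARE, 3)
    print(f"after retraining ({len(X2)} samples): budget 3 evasion",
          f"{evasion_rate(hardened, hardened, MALWARE, 3):.2f}")
```

Run it directly to print the evasion rates at budgets 1 to 3 for both attackers and again after retraining. The two attackers differ only in which model the greedy search consults; what matters operationally is the limited-knowledge rate, because that is what transfers to the real detector from a surrogate the attacker built without the defender's data. The retraining loop stops when the simulated attacker can no longer evade the current model with the given budget, which is why the hardened model has to be checked against the same attack, not just on the clean training set.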

Acknowledgments

The authors would like to thank the anti-malware experts of Comodo Security Lab for the data collection, as well as for helpful discussions and support. This work is supported by the U.S. National Science Foundation under grant CNS-1618629 and WVU Senate Grants for Research and Scholarship (R-16-043).

Author information

Corresponding author: Yanfang Ye

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Chen, L., Ye, Y. (2017). SecMD: Make Machine Learning More Secure Against Adversarial Malware Attacks. In: Peng, W., Alahakoon, D., Li, X. (eds) AI 2017: Advances in Artificial Intelligence. AI 2017. Lecture Notes in Computer Science, vol 10400. Springer, Cham. https://doi.org/10.1007/978-3-319-63004-5_7

  • DOI: https://doi.org/10.1007/978-3-319-63004-5_7

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-63003-8

  • Online ISBN: 978-3-319-63004-5
